There’s little out there that parallels the anxiety of discovering that your site has been compromised. After all, it’s how your customers find you and how the world sees you. Sometimes, it’s where people make payments – and you could be in trouble.
If you open up your site and it’s suddenly very different than you remember, filled with spam links, or been disabled – or worse, replaced with a fake site asking users for money – then you’ve probably been hacked.
At Schweb, we occasionally see these situations and fix the sites right up. Whether hackers exploit sites for personal gain or out of other nefarious means, we get to the root of the problem and suss it out.
Some hacking situations are much more dire than others, but as long as certain best practices are maintained, we can clear up hackers’ attempts.
At Schweb, we take regular backups of our clients’ websites. Although restoring a backup of your site isn’t a large ordeal in the case of a hack, the real danger is that your site becomes hacked without you even noticing it, causing harm to your visitors, customers, or your brand.
This begs a series of questions: Who are hackers? What are they targeting? Most importantly, how can you stay safe?
Who Are These Hackers, Anyway?
Hackers are people who often like take things apart and rebuild them. They may enjoy tinkering and learning. They’re curious, intelligent and capable.
A hacker can be anyone, really. There are stereotypes, movies, and tropes out there that paint a picture of who hackers are – but they’re just regular people looking for money, or something to do. It’s not glamorous, but it’s true.
You can’t block an IP to stop hackers, or a country, or even a user. These are relatively simple to change and it’s not a tall order for the average hacker. Instead, focusing on the site’s vulnerability is a much more effective method to protect yourself.
Lock the door, don’t move.
What Are Hackers Targeting?
All hackers target and exploit vulnerability. They’re looking for the problem of how to get in and they’re looking for tools to beat the defenses or to find ways around them.
Hackers aren’t necessarily doing this as a personal attack on any one person or organization; sometimes they’re trying to solve a puzzle with unintended consequences.
Regardless of the why, the what remains: they target a weak point and get through it.
What Can You Do to Avoid Being a Target?
Most hackers work by installing viruses, denial of services, and phishing.
A virus is a program that users unintentionally install that harms a computer. Viruses can then be spread through the network to other computers, usually through deception.
For example, people are tricked into installing fake software. Often, the trick looks like a security update and by the time the victim clicks on the link, it’s too late.
Once installed, the virus can steal and delete files, take over programs and operate the machine even when a user isn’t there.
Viruses can even link up to other computers, create a bot and take down websites. When this happens, it’s called a distributed denial of service (DOS). This gives hackers the opportunity to overwhelm the websites they targeted with millions and trillions of requests, which crashes sites.
Hackers have also been known to send spam to people to trick them into revealing their information. This is called phishing. You can protect yourself by taking a look at red flags phishers use to gain your information, and be careful where you put your login credentials.
What Can You Do to Help Your Cybersecurity?
Here are some practical rules of thumb to protect your site from hackers.
Update Your Website
Make sure to sign up with a site maintenance plan or hosting service that will regularly conduct site updates on your behalf. Content Management Systems, like WordPress and Drupal, keep their core up to date by addressing common irregularities and vulnerabilities that get exploited by hackers.
Having a development company activate and monitor these updates frequently ensures the security of your site. Keeping the locks well-oiled will keep hackers out.
Trying to do these updates on your own can be a little tricky, as some plugins don’t always interact well with automated processes – and sometimes they can outright break. With a development company on your side, these hitches can be ironed out on the double to keep your site looking and operating at its best.
Change Your Passwords
Get in the habit of changing your passwords every so often to make sure any past events won’t come back to bite you. Every few months, rotate a password in your list of accounts out, and choose a new one. Remember: pick a strong one! Like passwords with random, unrelated words and symbols make it hard for hackers to assemble or crack.
A side note on passwords: try your best not to repeat them across accounts. Each account that you have, especially for banking or your website, should be entirely unique. Do not reuse one password for multiple accounts, or even parts of a password (for example piesky1 to piesky2). Make the hackers work for it! Don’t make it easy for them.
If you have a hard time with all the accounts and passwords we need to remember nowadays, you can always rely on a password manager to keep track for you. As long as it’s a trusted tool, it does wonders for keeping track of them all.
Two-Factor Authentication
Even though it can add a little hassle to your log in routine, digging your phone out to check a text and inputting several numbers over and over, it’s a tremendous barrier for hackers. Like adding a bolt lock above your door handle lock.
Masquerading as a phone and catching a text is incredibly difficult and nearly impossible for the average hacker; which the majority of hackers are.
If Something Feels Off, It Probably Is
Trust your instincts! If you open up an email and it doesn’t seem legitimate, it may be a phishing attempt. Spend a few minutes to call the company the email claimed to be from with the number you always use, and verify that it came from them.
If it didn’t, leave that email alone. Add it to your email’s spam folder. You can even block the sender; if it’s a lazy hacker they’ll likely not try again.
Call Your Development Company
At Schweb, we tackle hacking issues for our clients and add protections across the board to prevent another attempt. We’re happy to help, and happy to answer any questions you may have about hacking or protecting yourself from hackers.